Experts warn that DNA sequencers are vulnerable to bootkit attacks
- Eclypsium researchers find vulnerability in the way iSeq 100 starts up
- The bug allows threat actors to establish persistence, block the device, or tamper with the results
- A patch is now available, so update now
A popular DNA sequencer has been found with a vulnerability that could allow threat actors to establish persistence on the device, destroy its hardware or even tamper with the results, experts claim.
Eclypsium researchers analyzed the BIOS firmware in the iSeq 100, a benchtop DNA sequencer built by US biotechnology company Illumina and designed for small-scale genomic and targeted sequencing applications. It is used to read and analyze DNA, helping researchers understand genetic information, study diseases, develop treatments, or investigate how organisms are related.
Eclypsium said the device boots an older version of the BIOS firmware, which also ran in Compatibility Support Mode (CSM) to support older devices. It booted without standard protections, including Secure Boot technology.
Manipulating outcomes
All this left the iSeq 100 vulnerable to nine different bugs with varying severity scores, some of which were discovered in 2017. Threat actors could launch LogoFAIL, Spectre 2 and Microarchitectural Data Sampling (MDS) attacks on these devices, it was claimed.
To make matters worse, Eclypsium said it only analyzed this specific model and it’s possible that other models also suffer from the same drawbacks, especially since the motherboards in these devices are built by a third party.
“If the data is manipulated through an implant/backdoor in these devices, a threat actor could manipulate a wide range of outcomes, including mimicking the presence or absence of hereditary conditions, manipulating medical treatments or new vaccines, mimicking DNA research of ancestors, etc.,” Eclypsium said.
Following the discovery, Eclypsium notified the iSeq 100 manufacturer, which responded with a patch. There was no word on how many devices are vulnerable, or how quickly the patch will be applied to all of them.
“Our initial assessment indicates that these issues do not pose a high risk,” an Illumina representative told BleepingComputer.
Via BleepingComputer